IPMediumSignal 83/100
165.231.182.82
Location
EstoniaTallinn, 37
ASN
AS58065
Fibersa
First Seen
Feb 8, 2024
Last Seen
May 10, 2026
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
83%
Signal Score
83 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryEstonia
EstoniaRegionTallinn, 37
ASNAS58065
OrganizationFibersa
IP Category
⊕
VPN
VPN exit node
Feed Intelligence Summary
14 reports83% confidence
14
Source reports
83%
Confidence score
Category tags
active scanningantispamattackauto-generated securitybotnetbrute forcecommand and controlcommunication protocolcowrie activitycowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdecoy systemdionaea activitydionaea honeypotdistributed attackseeestoniaeuropeftp brute forceinformation technologyinfrastructure acquisitionreconnaissanceit infrastructurelog4jmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemanualnetworknetwork intrusionnetwork scanningnetwork securityphishing attackprocess injectionproxyreconnaissanceresearchedresource hijackingsentrypeer activitysentrypeer botnetseychellessftp attacksip brute forcesocial engineeringsoftware developmentssh attackssh monitoringt1021t1021.001t1021.004t1040t1041t1046t1055t1059t1059.004t1071.001t1110t1110.001t1110.002t1110.003t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1587.001t1590.001t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencetpotunauthorized access attemptvoipvoip attackvpn
Activity Timeline
May 10May 10
Threat Activity Heatmap
· Peak: 2026-05-10LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
83
SIGNAL
Signal Score
83%
Confidence
14
Reports
First seenFeb 8, 2024
Last seenMay 10, 2026
GeolocationEE
CountryEstonia
LocationTallinn, 37
ASNAS58065
OrgFibersa
Coords59.4330, 24.7323
VPN
VirusTotal
Not checked
WHOIS
- description
- Imported indicator
- raw
- inetnum: 165.223.0.0 - 166.7.255.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:48:56Z last-modified: 2019-01-07T10:48:56Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 years ago · Last seen 1 month ago
Appeared in 14 threat reports